Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 12 Next »

Note: The MDQ beta service was retired May 1, 2019 and currently replaced with a "preview" (pre-production) MDQ service.

References

https://spaces.at.internet2.edu/display/MDQ/The+Guide

https://spaces.at.internet2.edu/display/MDQ/Per-Entity+Metadata+Service+Documentation

https://spaces.at.internet2.edu/display/InCCollaborate/Metadata+Query+Protocol

https://spaces.at.internet2.edu/display/perentity/MDQ+Client+Software

https://wiki.shibboleth.net/confluence/display/XSTJ2/xmlsectool+V2+Home


Caution: The state of MDQ server behavior is in flux, and downloading metadata from the URL below (step 2) with a browser may not provide usable results. Check that your results are XML and not HTML.

Procedure

  1. Obtain and verify the InCommon Metadata Query Protocol signing certificate and verify the signing key fingerprint.
    See https://spaces.at.internet2.edu/display/MDQ/MDQ+Signing+Key

  2. Fetch the UC Davis IdP metadata.

    curl --silent --output ucdavis-metadata.xml \
        http://mdq-preview.incommon.org/entities/urn%3Amace%3Aincommon%3Aucdavis.edu

  3. Validate the XML signature. Note: several other ways to verify the digital signature on an XML document exist, as well, cf. Google search.

    xmlsectool --verifySignature --inFile ucdavis-metadata.xml --certificate incommon-mdq.pem
  • No labels